diff options
author | tholenst <tholenst@google.com> | 2019-07-31 13:21:17 -0700 |
---|---|---|
committer | Copybara-Service <copybara-worker@google.com> | 2019-07-31 13:21:49 -0700 |
commit | d73d7be49eef974ddf283d23e9fad0fca6d566d5 (patch) | |
tree | 07152e3e400f8f15e868087948c96166c1a5bc4d /cc/config | |
parent | 9e9100ce6117dbd24afa4e51deebf74c6b7f9eef (diff) | |
download | tink-d73d7be49eef974ddf283d23e9fad0fca6d566d5.tar.gz |
C++/Objc Tink: Remove building the RegistryConfig protos.
These are not needed anymore, since we simply register all key managers directly; they were only needed for catalogue support.
PiperOrigin-RevId: 260986202
Diffstat (limited to 'cc/config')
-rw-r--r-- | cc/config/BUILD.bazel | 2 | ||||
-rw-r--r-- | cc/config/CMakeLists.txt | 2 | ||||
-rw-r--r-- | cc/config/tink_config_test.cc | 266 |
3 files changed, 18 insertions, 252 deletions
diff --git a/cc/config/BUILD.bazel b/cc/config/BUILD.bazel index 69acb07ff..cbc15b27e 100644 --- a/cc/config/BUILD.bazel +++ b/cc/config/BUILD.bazel @@ -49,7 +49,9 @@ cc_test( "//cc:mac", "//cc:registry", "//cc:streaming_aead", + "//cc/aead:aes_gcm_key_manager", "//cc/util:status", + "//cc/util:test_matchers", "@com_google_googletest//:gtest_main", ], ) diff --git a/cc/config/CMakeLists.txt b/cc/config/CMakeLists.txt index 0d47b9dd0..c65206e1c 100644 --- a/cc/config/CMakeLists.txt +++ b/cc/config/CMakeLists.txt @@ -31,6 +31,7 @@ tink_cc_test( NAME tink_config_test SRCS tink_config_test.cc DEPS + tink::aead::aes_gcm_key_manager tink::config::tink_config tink::core::aead tink::core::config @@ -40,6 +41,7 @@ tink_cc_test( tink::core::mac tink::core::registry tink::core::streaming_aead + tink::util::test_matchers tink::util::status ) diff --git a/cc/config/tink_config_test.cc b/cc/config/tink_config_test.cc index 06b416ddc..54e377519 100644 --- a/cc/config/tink_config_test.cc +++ b/cc/config/tink_config_test.cc @@ -18,6 +18,7 @@ #include "gtest/gtest.h" #include "tink/aead.h" +#include "tink/aead/aes_gcm_key_manager.h" #include "tink/config.h" #include "tink/deterministic_aead.h" #include "tink/hybrid_decrypt.h" @@ -28,263 +29,24 @@ #include "tink/registry.h" #include "tink/streaming_aead.h" #include "tink/util/status.h" +#include "tink/util/test_matchers.h" namespace crypto { namespace tink { namespace { -class TinkConfigTest : public ::testing::Test { - protected: - void SetUp() override { Registry::Reset(); } -}; - -typedef struct KeyTypeEntry { - std::string catalogue_name; - std::string primitive_name; - std::string type_url; - bool new_key_allowed; - int key_manager_version; -} KeyTypeEntry; - -TEST_F(TinkConfigTest, testBasic) { - std::vector<KeyTypeEntry> all_key_type_entries; - - std::vector<KeyTypeEntry> mac_key_type_entries; - mac_key_type_entries.push_back( - {"TinkMac", "Mac", - "type.googleapis.com/google.crypto.tink.HmacKey", true, 0}); - mac_key_type_entries.push_back( - {"TinkMac", "Mac", - "type.googleapis.com/google.crypto.tink.AesCmacKey", true, 0}); - all_key_type_entries.insert(std::end(all_key_type_entries), - std::begin(mac_key_type_entries), - std::end(mac_key_type_entries)); - - std::vector<KeyTypeEntry> aead_key_type_entries; - aead_key_type_entries.push_back( - {"TinkAead", "Aead", - "type.googleapis.com/google.crypto.tink.AesCtrHmacAeadKey", true, 0}); - aead_key_type_entries.push_back( - {"TinkAead", "Aead", - "type.googleapis.com/google.crypto.tink.AesGcmKey", true, 0}); - aead_key_type_entries.push_back( - {"TinkAead", "Aead", - "type.googleapis.com/google.crypto.tink.AesGcmSivKey", true, 0}); - aead_key_type_entries.push_back( - {"TinkAead", "Aead", - "type.googleapis.com/google.crypto.tink.AesEaxKey", true, 0}); - aead_key_type_entries.push_back( - {"TinkAead", "Aead", - "type.googleapis.com/google.crypto.tink.XChaCha20Poly1305Key", true, 0}); - aead_key_type_entries.push_back( - {"TinkAead", "Aead", - "type.googleapis.com/google.crypto.tink.KmsAeadKey", true, 0}); - aead_key_type_entries.push_back( - {"TinkAead", "Aead", - "type.googleapis.com/google.crypto.tink.KmsEnvelopeAeadKey", true, 0}); - all_key_type_entries.insert(std::end(all_key_type_entries), - std::begin(aead_key_type_entries), - std::end(aead_key_type_entries)); - - std::vector<KeyTypeEntry> hybrid_key_type_entries; - hybrid_key_type_entries.push_back( - {"TinkHybridDecrypt", "HybridDecrypt", - "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPrivateKey", - true, 0}); - hybrid_key_type_entries.push_back( - {"TinkHybridEncrypt", "HybridEncrypt", - "type.googleapis.com/google.crypto.tink.EciesAeadHkdfPublicKey", - true, 0}); - all_key_type_entries.insert(std::end(all_key_type_entries), - std::begin(hybrid_key_type_entries), - std::end(hybrid_key_type_entries)); - - std::vector<KeyTypeEntry> signature_key_type_entries; - signature_key_type_entries.push_back( - {"TinkPublicKeySign", "PublicKeySign", - "type.googleapis.com/google.crypto.tink.EcdsaPrivateKey", true, 0}); - signature_key_type_entries.push_back( - {"TinkPublicKeyVerify", "PublicKeyVerify", - "type.googleapis.com/google.crypto.tink.EcdsaPublicKey", true, 0}); - signature_key_type_entries.push_back( - {"TinkPublicKeySign", "PublicKeySign", - "type.googleapis.com/google.crypto.tink.Ed25519PrivateKey", true, 0}); - signature_key_type_entries.push_back( - {"TinkPublicKeyVerify", "PublicKeyVerify", - "type.googleapis.com/google.crypto.tink.Ed25519PublicKey", true, 0}); - signature_key_type_entries.push_back( - {"TinkPublicKeySign", "PublicKeySign", - "type.googleapis.com/google.crypto.tink.RsaSsaPssPrivateKey", true, 0}); - signature_key_type_entries.push_back( - {"TinkPublicKeyVerify", "PublicKeyVerify", - "type.googleapis.com/google.crypto.tink.RsaSsaPssPublicKey", true, 0}); - signature_key_type_entries.push_back( - {"TinkPublicKeySign", "PublicKeySign", - "type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PrivateKey", true, - 0}); - signature_key_type_entries.push_back( - {"TinkPublicKeyVerify", "PublicKeyVerify", - "type.googleapis.com/google.crypto.tink.RsaSsaPkcs1PublicKey", true, 0}); - all_key_type_entries.insert(std::end(all_key_type_entries), - std::begin(signature_key_type_entries), - std::end(signature_key_type_entries)); - - std::vector<KeyTypeEntry> daead_key_type_entries; - daead_key_type_entries.push_back( - {"TinkDeterministicAead", "DeterministicAead", - "type.googleapis.com/google.crypto.tink.AesSivKey", true, 0}); - all_key_type_entries.insert(std::end(all_key_type_entries), - std::begin(daead_key_type_entries), - std::end(daead_key_type_entries)); - - std::vector<KeyTypeEntry> saead_key_type_entries; - saead_key_type_entries.push_back( - {"TinkStreamingAead", "StreamingAead", - "type.googleapis.com/google.crypto.tink.AesGcmHkdfStreamingKey", - true, 0}); - all_key_type_entries.insert(std::end(all_key_type_entries), - std::begin(saead_key_type_entries), - std::end(saead_key_type_entries)); - - auto& config = TinkConfig::Latest(); - - EXPECT_EQ(all_key_type_entries.size(), TinkConfig::Latest().entry_size()); - - int i = 0; - for (const auto& key_type_entry : all_key_type_entries) { - EXPECT_EQ(key_type_entry.catalogue_name, config.entry(i).catalogue_name()); - EXPECT_EQ(key_type_entry.primitive_name, config.entry(i).primitive_name()); - EXPECT_EQ(key_type_entry.type_url, config.entry(i).type_url()); - EXPECT_EQ(key_type_entry.new_key_allowed, - config.entry(i).new_key_allowed()); - EXPECT_EQ(key_type_entry.key_manager_version, - config.entry(i).key_manager_version()); - i++; - } - - // No key manager before registration. - for (const auto& key_type_entry : aead_key_type_entries) { - auto manager_result = - Registry::get_key_manager<Aead>(key_type_entry.type_url); - EXPECT_FALSE(manager_result.ok()); - EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code()); - } - for (const auto& key_type_entry : mac_key_type_entries) { - auto manager_result = - Registry::get_key_manager<Mac>(key_type_entry.type_url); - EXPECT_FALSE(manager_result.ok()); - EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code()); - } - for (const auto& key_type_entry : hybrid_key_type_entries) { - if (key_type_entry.catalogue_name == "TinkHybridEncrypt") { - // HybridEncrypt - auto manager_result = - Registry::get_key_manager<HybridEncrypt>(key_type_entry.type_url); - EXPECT_FALSE(manager_result.ok()); - EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code()); - } else { - // HybridDecrypt - auto manager_result = - Registry::get_key_manager<HybridDecrypt>(key_type_entry.type_url); - EXPECT_FALSE(manager_result.ok()); - EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code()); - } - } - for (const auto& key_type_entry : signature_key_type_entries) { - if (key_type_entry.catalogue_name == "TinkPublicKeySign") { - // PublicKeySign - auto manager_result = - Registry::get_key_manager<PublicKeySign>(key_type_entry.type_url); - EXPECT_FALSE(manager_result.ok()); - EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code()); - } else { - // PublicKeyVerify - auto manager_result = - Registry::get_key_manager<PublicKeyVerify>(key_type_entry.type_url); - EXPECT_FALSE(manager_result.ok()); - EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code()); - } - } - for (const auto& key_type_entry : daead_key_type_entries) { - auto manager_result = - Registry::get_key_manager<DeterministicAead>(key_type_entry.type_url); - EXPECT_FALSE(manager_result.ok()); - EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code()); - } - for (const auto& key_type_entry : saead_key_type_entries) { - auto manager_result = - Registry::get_key_manager<StreamingAead>(key_type_entry.type_url); - EXPECT_FALSE(manager_result.ok()); - EXPECT_EQ(util::error::NOT_FOUND, manager_result.status().error_code()); - } - - // Registration of standard key types works. - auto status = TinkConfig::Register(); - EXPECT_TRUE(status.ok()) << status; - for (const auto& key_type_entry : aead_key_type_entries) { - auto manager_result = - Registry::get_key_manager<Aead>(key_type_entry.type_url); - EXPECT_TRUE(manager_result.ok()) << manager_result.status(); - EXPECT_TRUE( - manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url)); - } - - for (const auto& key_type_entry : mac_key_type_entries) { - auto manager_result = - Registry::get_key_manager<Mac>(key_type_entry.type_url); - EXPECT_TRUE(manager_result.ok()) << manager_result.status(); - EXPECT_TRUE( - manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url)); - } - - for (const auto& key_type_entry : hybrid_key_type_entries) { - if (key_type_entry.catalogue_name == "TinkHybridEncrypt") { - auto manager_result = - Registry::get_key_manager<HybridEncrypt>(key_type_entry.type_url); - EXPECT_TRUE(manager_result.ok()) << manager_result.status(); - EXPECT_TRUE( - manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url)); - } else { - auto manager_result = - Registry::get_key_manager<HybridDecrypt>(key_type_entry.type_url); - EXPECT_TRUE(manager_result.ok()) << manager_result.status(); - EXPECT_TRUE( - manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url)); - } - } - - for (const auto& key_type_entry : signature_key_type_entries) { - if (key_type_entry.catalogue_name == "TinkPublicKeySign") { - auto manager_result = - Registry::get_key_manager<PublicKeySign>(key_type_entry.type_url); - EXPECT_TRUE(manager_result.ok()) << manager_result.status(); - EXPECT_TRUE( - manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url)); - } else { - auto manager_result = - Registry::get_key_manager<PublicKeyVerify>(key_type_entry.type_url); - EXPECT_TRUE(manager_result.ok()) << manager_result.status(); - EXPECT_TRUE( - manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url)); - } - } - - for (const auto& key_type_entry : daead_key_type_entries) { - auto manager_result = - Registry::get_key_manager<DeterministicAead>(key_type_entry.type_url); - EXPECT_TRUE(manager_result.ok()) << manager_result.status(); - EXPECT_TRUE( - manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url)); - } - - for (const auto& key_type_entry : saead_key_type_entries) { - auto manager_result = - Registry::get_key_manager<StreamingAead>(key_type_entry.type_url); - EXPECT_TRUE(manager_result.ok()) << manager_result.status(); - EXPECT_TRUE( - manager_result.ValueOrDie()->DoesSupport(key_type_entry.type_url)); - } -} // namespace +using ::crypto::tink::test::IsOk; +using ::crypto::tink::test::StatusIs; + +TEST(TinkConfigTest, RegisterWorks) { + EXPECT_THAT(Registry::get_key_manager<Aead>(AesGcmKeyManager().get_key_type()) + .status(), + StatusIs(util::error::NOT_FOUND)); + TinkConfig::Register(); + EXPECT_THAT(Registry::get_key_manager<Aead>(AesGcmKeyManager().get_key_type()) + .status(), + IsOk()); +} } // namespace } // namespace tink |